Banking and Financial Services


Healthcare and Insurance


High Technology and Manufacturing

Service Companies

Information Request

Contact Us

Healthcare and Insurance

With the United States Department of Health and Human Services (HHS), Office of Inspector General (OIG) performing HIPAA security compliance audits, it's a good time for covered entities to assess the state of their security practices. "The last thing you want to happen is for the OIG auditor to be the first to discover a control procedure that is not being consistently performed. Without an internal control program, the risks are just too high," says Fred Cox, Managing Director, FDC Associates.

The first step is to get your policies and procedures to accurately and clearly direct the activities of your employees to be HIPAA compliant, and ensure that they map completely to the Security requirements. FDC Associates is a trusted technology advisor and can assist you in putting your compliance efforts on track. We will conduct HPIAA-required risk assessments, security gap analysis, security audits, security plan development, craft policy and conduct employee training and ongoing monitoring of your information infrastructure. We are expert at performing:

HIPPA ePHI Risk Assessments, Audits and Security Plans
External Network Vulnerability and Penetration Testing
Internal Network Vulnerability Assessment
Application and Database Security Testing

The foundation for your approach to security measures is the risk assessment or analysis. It's a required element of the security rule and can be leveraged to identify which policies and procedures you need to have in place to mitigate the identified risks, and to set the scope of your internal assessment work to ensure the procedures are consistently applied. A comprehensive risk assessment will "knit" the whole process together.

FDC Associates can help you assess, design and verify your HIPAA security controls. The skills and capabilities of our professionals include internal IT audit, information security, IT consulting and network vulnerability testing. Our experienced Certified Information Systems Auditors (CISA), Certified Information Systems Security Professionals (CISSP), Certified Fraud Examiners (CFE) and Certified Microsoft Professionals (CMP) have worked in IT audit roles for over 20 years. Simply put, we are the best at what we do.

For more information, complete an Information Request or Contact Us.